package com.hongkuncheng.cms.controller.admin;

import com.hongkuncheng.cms.helper.SecurityHelper;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.stereotype.Controller;
import com.hongkuncheng.cms.controller.BaseController;
import com.hongkuncheng.cms.helper.PageHelper;
import com.hongkuncheng.cms.model.Admin;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

/**
 * 密码修改
 *
 * @author 洪坤成
 */
@Controller
@Transactional
@RequestMapping("admin/password")
public class ApasswordController extends BaseController {

    // 密码修改
    @RequestMapping
    public String index() {
        return view();
    }

    // 密码修改处理
    @RequestMapping("update")
    @ResponseBody
    public void update() {
        Admin admin = (Admin) request.getSession().getAttribute("admin");
        String passwordOld = request.getParameter("passwordOld");
        if (!SecurityHelper.md5Encrypt(admin.getAccount() + "_" + passwordOld).equals(admin.getPassword())) {
            PageHelper.alertAndGoBack("旧密码错误");
        } else {
            String passwordNew = request.getParameter("passwordNew");
            admin.setPassword(SecurityHelper.md5Encrypt(admin.getAccount() + "_" + passwordNew));
            factorySession.update(admin);
            request.getSession().setAttribute("admin", admin);
            PageHelper.alertAndRedirect("保存成功", "./");
        }
    }

}
